The National Security Agency has released a cybersecurity information sheet outlining the best practices for event logging and threat detection in cloud services, enterprise networks, mobile devices and operational technology networks.

The CSI was published in collaboration with other federal agencies, such as the Cybersecurity and Infrastructure Security Agency, and international partners, led by the Australian Signals Directorate’s Australian Cyber Security Centre, NSA said.

“Best Practices for Event Logging and Threat Detection” is designed to help organizations’ IT and cyber personnel defend against threat actors that use living-off-the-land techniques.

“Implementing and maintaining an effective event logging solution improves the security and resilience of systems by enabling network visibility and quicker incident response,” NSA Cybersecurity Director Dave Luber said in a statement.

He noted that organizations must bolster their resilience against advanced attack strategies in today’s cyberthreat environment.

In the publication, the NSA details the important considerations when applying logging best practices, namely enterprise-approved logging policy, centralized log access and correlation, secure storage and log integrity, and detection strategy for relevant threats.

Public and private sector organizations are advised to review the guide and execute its recommended actions, which can help identify malicious activity, behavioral anomalies, and compromised networks, devices or accounts.

The National Institute of Standards and Technology is seeking public comments on a draft version of its updated digital identity guidance.

The draft Digital Identity Guidelines Special Publication 800-63 Revision 4 aims to ensure security, privacy and accessibility during the identity-proofing process for people accessing government services, regardless of the means by which a person chooses to prove their identity, NIST said Wednesday.

NIST incorporated feedback gathered in 2023 from private industry, federal agencies, privacy and civil rights advocacy groups, and members of the public into the updated guidance which, according to Office of Management and Budget deputy director for management Jason Miller, will help federal agencies better defend against evolving threats while providing critical benefits and services to the American people.

“These improved guidelines are intended to help organizations of all kinds manage risk and prevent fraud while ensuring that digital services are lawfully accessible to all,” said NIST Director Laurie Locascio.

Comments on the latest guidance will be accepted until Oct. 7. NIST will hold a webinar on Wednesday to discuss the draft publication.